Vulnerability Details : CVE-2015-7547
Potential exploit
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2015-7547
- cpe:2.3:a:hp:server_migration_pack:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:lts:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:fujitsu_m10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:unified_threat_management_software:9.355:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:unified_threat_management_software:9.319:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-7547
97.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-7547
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.1
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
NIST |
CWE ids for CVE-2015-7547
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7547
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
HPSBMU03691 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities
-
http://marc.info/?l=bugtraq&m=145672440608228&w=2
'[security bulletin] HPSBGN03549 rev.1 - HP IceWall Products using glibc, Remote Denial of Service (D' - MARC
-
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
StruxureWare Data Center Operation Software Vulnerability Fixes - User Assistance for StruxureWare Data Center Operation 8 - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, and
-
http://ubuntu.com/usn/usn-2900-1
USN-2900-1: GNU C Library vulnerability | Ubuntu security noticesThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20160217-0002/
CVE-2015-7547 GNU C Library (glibc) Vulnerability in Multiple NetApp Products | NetApp Product Security
-
http://seclists.org/fulldisclosure/2021/Sep/0
Full Disclosure: SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices
-
http://seclists.org/fulldisclosure/2019/Sep/7
Full Disclosure: SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
-
https://www.exploit-db.com/exploits/39454/
glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)
-
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
FortiGuard
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
HPSBNS03571 rev.1 - HPE NonStop Virtual TapeServer (VTS), Remote Arbitrary Code Execution, Denial of Service (DoS), Unauthorized Information Disclosure
-
http://marc.info/?l=bugtraq&m=146161017210491&w=2
'[security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, D' - MARC
-
http://www.debian.org/security/2016/dsa-3480
Debian -- Security Information -- DSA-3480-1 eglibc
-
https://security.gentoo.org/glsa/201602-02
GNU C Library: Multiple vulnerabilities (GLSA 201602-02) — Gentoo securityThird Party Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Patch;Third Party Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Oracle Critical Patch Update - January 2018
-
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
Carlos O'Donell - [PATCH] CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overfloMailing List;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=145690841819314&w=2
'[security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (D' - MARC
-
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/
UTM Up2Date 9.355 released – Sophos NewsThird Party Advisory
-
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
FortiGuard
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
[SECURITY] Fedora 22 Update: glibc-2.21-11.fc22
-
http://rhn.redhat.com/errata/RHSA-2016-0225.html
RHSA-2016:0225 - Security Advisory - Red Hat Customer Portal
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
HPSBMU03591 rev.2 - HPE Server Migration Pack, Remote Denial of Service (DoS)Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
[SECURITY] Fedora 23 Update: glibc-2.22-9.fc23
-
http://rhn.redhat.com/errata/RHSA-2016-0277.html
RHSA-2016:0277 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2016/dsa-3481
Debian -- Security Information -- DSA-3481-1 glibcThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404
HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code ExecutionThird Party Advisory
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10150
McAfee Security Bulletin: glibc vulnerabilities CVE-2015-5229 and CVE-2015-7547Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
HPSBGN03549 rev.1 - HP IceWall Products using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672
HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS)Third Party Advisory
-
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161
Pulse Security Advisory: SA40161 - [Pulse Secure] glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)Third Party Advisory
-
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
Moxa Command Injection / Cross Site Scripting / Vulnerable Software ≈ Packet Storm
-
http://marc.info/?l=bugtraq&m=145857691004892&w=2
'[security bulletin] HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial o' - MARC
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
HPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple Remote Vulnerabilities
-
http://rhn.redhat.com/errata/RHSA-2016-0175.html
RHSA-2016:0175 - Security Advisory - Red Hat Customer Portal
-
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
18665 – (CVE-2015-7547) In send_dg, the recvfrom function is NOT always using the buffer size of a newly created buffer (CVE-2015-7547)Issue Tracking
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858
HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote VulnerabilitiesThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
[security-announce] openSUSE-SU-2016:0511-1: critical: Security update fThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937
HPSBST03598 rev.1 - HPE 3PAR OS using glibc, Remote Denial of Service (DoS), Arbitrary Code ExecutionThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution
-
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
[security-announce] SUSE-SU-2016:0471-1: important: Security update forThird Party Advisory
-
https://seclists.org/bugtraq/2019/Sep/7
Bugtraq: SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
-
http://www.securitytracker.com/id/1035020
Glibc getaddrinfo() Stack Overflow Lets Remote or Local Users Execute Arbitrary Code - SecurityTracker
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
[security-announce] SUSE-SU-2016:0473-1: important: Security update forThird Party Advisory
-
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox ≈ Packet Storm
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877
HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)Third Party Advisory
-
https://www.kb.cert.org/vuls/id/457759
VU#457759 - glibc vulnerable to stack buffer overflow in DNS resolver
-
http://marc.info/?l=bugtraq&m=145596041017029&w=2
'[security bulletin] HPSBGN03547 rev.1 - HPE Helion Eucalyptus Node Controller and other Helion Eucal' - MARC
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
[security-announce] SUSE-SU-2016:0472-1: important: Security update forThird Party Advisory
-
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Google Online Security Blog: CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
[security-announce] SUSE-SU-2016:0470-1: important: Security update forThird Party Advisory
-
https://access.redhat.com/articles/2161461
Critical security flaw: glibc stack-based buffer overflow in getaddrinfo() (CVE-2015-7547) - Red Hat Customer PortalThird Party Advisory
-
https://bto.bluecoat.com/security-advisory/sa114
SA114 : GNU C Library (glibc) Remote Code Execution February 2016Third Party Advisory
-
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
Security Advisory 0017 - Arista
-
http://support.citrix.com/article/CTX206991
CVE-2015-7547 - Citrix Security Advisory for glibc Vulnerability
-
http://www.securityfocus.com/bid/83265
GNU glibc 'getaddrinfo()' Function Multiple Stack Buffer Overflow Vulnerabilities
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
HPSBMU03612 rev.2 - HPE Insight Control on Windows and Linux, Multiple Remote Vulnerabilities
-
http://seclists.org/fulldisclosure/2022/Jun/36
Full Disclosure: SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
HPSBST03603 rev.1 - HPE StoreVirtual Products running LeftHand OS using glibc, Remote Arbitrary Code Execution, Denial of Service (DoS)
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html
[security-announce] openSUSE-SU-2016:0510-1: important: Security updateThird Party Advisory
-
https://www.exploit-db.com/exploits/40339/
glibc - 'getaddrinfo' Remote Stack Buffer Overflow
-
https://support.lenovo.com/us/en/product_security/len_5450
Page Not Found - US
-
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
Siemens Industrial Products glibc Library Vulnerability (Update C) | CISA
-
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
UTM Up2Date 9.319 released – Sophos NewsThird Party Advisory
-
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479
HPSBGN03442 rev.2 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code ExecutionThird Party Advisory
-
https://www.tenable.com/security/research/tra-2017-08
[R1] Portable SDK for UPnP Devices (libupnp) glibc Implementation getaddrinfo() Function Remote Stack Overflow - Research Advisory | Tenable®
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
[security-announce] openSUSE-SU-2016:0512-1: critical: Security update fThird Party Advisory
-
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor ≈ Packet Storm
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability
-
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
glibc getaddrinfo Stack-Based Buffer Overflow ≈ Packet Storm
-
https://bugzilla.redhat.com/show_bug.cgi?id=1293532
1293532 – (CVE-2015-7547) CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflowIssue Tracking;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-0176.html
RHSA-2016:0176 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
VMSA-2016-0002.1
Jump to